Forum Discussion
hooleylist
Jun 02, 2008Cirrostratus
If you're trying to insert the output from an SSL-based command, you'd want to only attempt it for HTTPS connections. The SSL:: commands wouldn't be valid if the clientside connection was non-HTTPS. So add the header insert line within the 'else' block of the HTTP_REQUEST event:
when HTTP_REQUEST {
If redirect_http_to_https is enabled and the request was made to an HTTP port, redirect the client to the same host/URI over HTTPS
if { ($::redirect_http_to_https == 1 or ([info exists redirect_http_to_https] && $redirect_http_to_https)) && \
([info exists vip_http_port] && $vip_http_port==1)}{
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
if {$::debug}{log local0. "redirecting client [IP::client_addr] to https://[getfield [HTTP::host] \":\" 1][HTTP::uri]"}
} else {
HTTP::header insert SSLClientCipher [SSL::cipher name],\x20version=[SSL::cipher version],\x20bits=[SSL::cipher bits]
...
}
}
If you're already checking that the requested port is HTTPS before trying to insert the HTTP header, can you post the full rule you get the error with?
Another way to insert a space would be to wrap the header value in double quotes:
HTTP::header insert SSLClientCipher "[SSL::cipher name], version=[SSL::cipher version], bits=[SSL::cipher bits]"
Aaron